Security Identifier (SID) to User Identifier (uid) ResolutionSystem

Luke Kenneth Casson Leighton lkcl at
Fri Dec 31 09:42:40 GMT 1999

john, thx 4 input.

> > simulate NT ACLs, you mean.  and the mapping between NT ACLs and unix
> > file/directory permissinos does not depend on the target unix host having
> > ACLs (see above).
> It supplies nowhere near the same utility.  Obviously it can be done, and is
> being done, but you are basically limited to the owner and two built in
> groups, and having to deal with the READONLY bit.
> Setting a file READONLY is easy.  Clearing the READONLY bit is problematic
> for a POSIX based security system.  Should it be cleared for just Owner, or
> also for Group and World?
> (I do not quite remember what SAMBA actually does in this case.)  The
> current main VMS port ignores those attributes, and I have not coded a
> better implementation other than to accurately report the current ones for
> the file.)

this is an "encapsulated" problem, as part of the "simulation" of NT ACLs,
using traditional unix file permissions.

apreciate you bringing this up.

More information about the samba-technical mailing list